diff --git a/service/files/sahara.conf.j2 b/service/files/sahara.conf.j2
index 0dae9f0..098e641 100644
--- a/service/files/sahara.conf.j2
+++ b/service/files/sahara.conf.j2
@@ -16,7 +16,7 @@ transport_url = rabbit://{{ rabbitmq.user }}:{{ rabbitmq.password }}@{{ address(
 heat_enable_wait_condition = {{ sahara.enable_wait_condition }}
 
 [database]
-connection = mysql+pymysql://{{ sahara.db.username }}:{{ sahara.db.password }}@{{ address(service.database) }}/{{ sahara.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
+connection = mysql+pymysql://{{ sahara.db.username }}:{{ sahara.db.password }}@{{ address(service.database) }}/{{ sahara.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
 max_retries = -1
 
 {{ keystone_authtoken.keystone_authtoken(sahara.auth.user, sahara.auth.password) }}
diff --git a/service/sahara-api.yaml b/service/sahara-api.yaml
index 61d1eb1..7ee3edc 100644
--- a/service/sahara-api.yaml
+++ b/service/sahara-api.yaml
@@ -15,9 +15,9 @@ service:
           command:
             mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ sahara.db.name }};
             create user '{{ sahara.db.username }}'@'%' identified by '{{ sahara.db.password }}'
-            {% if percona.tls.enabled %} require ssl {% endif %};
+            {% if db.tls.enabled %} require ssl {% endif %};
             grant all privileges on {{ sahara.db.name }}.* to '{{ sahara.db.username }}'@'%' identified by '{{ sahara.db.password }}'
-            {% if percona.tls.enabled %} require ssl {% endif %};"
+            {% if db.tls.enabled %} require ssl {% endif %};"
         - name: sahara-db-sync
           files:
             - sahara-conf